Is CVE-2004-0079 actively exploited?

CVE-2004-0079 has no public evidence of in-the-wild exploitation as of 2025-04-03.

What is the CVSS score for CVE-2004-0079?

CVE-2004-0079 has a CVSS score of 7.5 (HIGH severity). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

How do I patch CVE-2004-0079?

Patch guidance is available from cisco security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2004-0079.

Fix CVE-2004-0079 - HIGH cisco firewall services module

Q: Which products are affected by CVE-2004-0079?

252 products: cisco firewall services module, cisco firewall services module, cisco firewall services module, cisco firewall services module, cisco firewall services module, and 247 more.

Description

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: network
Complexity: low
Privileges: none
User Action: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
Weaknesses: CWE-476 · NULL Pointer Dereference CWE-476 · NULL Pointer Dereference

Metadata

Primary Vendor: CISCO
Published: 11/23/2004
Last Modified: 4/3/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

cisco : firewall_services_modulecisco : firewall_services_modulecisco : firewall_services_modulecisco : firewall_services_modulecisco : firewall_services_modulehp : aaa_serverhp : apache-based_web_serverhp : apache-based_web_serversymantec : clientless_vpn_gateway_4400cisco : ciscoworks_common_management_foundationcisco : ciscoworks_common_servicesavaya : converged_communications_serveravaya : sg200avaya : sg200avaya : sg203avaya : sg203avaya : sg208avaya : sg208avaya : sg5avaya : sg5avaya : sg5apple : mac_os_xapple : mac_os_x_serverfreebsd : freebsdfreebsd : freebsdfreebsd : freebsdfreebsd : freebsdfreebsd : freebsdfreebsd : freebsdfreebsd : freebsdfreebsd : freebsdhp : hp-uxhp : hp-uxhp : hp-uxhp : hp-uxopenbsd : openbsdopenbsd : openbsdredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linux_desktopredhat : linuxredhat : linuxredhat : linuxsco : openserversco : openservercisco : ioscisco : ioscisco : ioscisco : ioscisco : ioscisco : ioscisco : ioscisco : ioscisco : ioscisco : ios4d : webstar4d : webstar4d : webstar4d : webstar4d : webstar4d : webstar4d : webstar4d : webstaravaya : intuity_audixavaya : intuity_audixavaya : intuity_audixavaya : intuity_audixavaya : vsuavaya : vsuavaya : vsuavaya : vsuavaya : vsuavaya : vsuavaya : vsuavaya : vsucheckpoint : firewall-1checkpoint : firewall-1checkpoint : firewall-1checkpoint : firewall-1checkpoint : firewall-1checkpoint : provider-1checkpoint : provider-1checkpoint : provider-1checkpoint : provider-1checkpoint : provider-1checkpoint : vpn-1checkpoint : vpn-1checkpoint : vpn-1checkpoint : vpn-1cisco : access_registrarcisco : application_and_content_networking_softwarecisco : css_secure_content_acceleratorcisco : css_secure_content_acceleratorcisco : css11000_content_services_switchcisco : okena_stormwatchcisco : pix_firewallcisco : threat_responsecisco : webnscisco : webnscisco : webnscisco : webnscisco : webnscisco : webnscisco : webnsdell : bsafe_ssl-jdell : bsafe_ssl-jdell : bsafe_ssl-jhp : wbemhp : wbemhp : wbemlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverlite : speed_technologies_litespeed_web_serverneoteris : instant_virtual_extranetneoteris : instant_virtual_extranetneoteris : instant_virtual_extranetneoteris : instant_virtual_extranetneoteris : instant_virtual_extranetnovell : edirectorynovell : edirectorynovell : edirectorynovell : edirectorynovell : edirectorynovell : edirectorynovell : edirectorynovell : edirectorynovell : imanagernovell : imanageropenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslopenssl : opensslredhat : opensslredhat : opensslredhat : opensslredhat : opensslredhat : opensslsgi : propacksgi : propacksgi : propackstonesoft : serverclusterstonesoft : serverclusterstonesoft : stonebeat_fullclusterstonesoft : stonebeat_fullclusterstonesoft : stonebeat_fullclusterstonesoft : stonebeat_fullclusterstonesoft : stonebeat_fullclusterstonesoft : stonebeat_securityclusterstonesoft : stonebeat_securityclusterstonesoft : stonebeat_webclusterstonesoft : stonebeat_webclusterstonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegatestonesoft : stonegate_vpn_clientstonesoft : stonegate_vpn_clientstonesoft : stonegate_vpn_clientstonesoft : stonegate_vpn_clientstonesoft : stonegate_vpn_clientstonesoft : stonegate_vpn_clienttarantella : tarantella_enterprisetarantella : tarantella_enterprisetarantella : tarantella_enterprisevmware : gsx_servervmware : gsx_servervmware : gsx_servervmware : gsx_servervmware : gsx_serveravaya : s8300avaya : s8300avaya : s8500avaya : s8500avaya : s8700avaya : s8700bluecoat : proxysgcisco : call_managercisco : content_services_switch_11500cisco : gss_4480_global_site_selectorcisco : gss_4490_global_site_selectorcisco : mds_9000cisco : secure_content_acceleratorsecurecomputing : sidewindersecurecomputing : sidewindersecurecomputing : sidewindersecurecomputing : sidewindersecurecomputing : sidewindersecurecomputing : sidewindersecurecomputing : sidewindersun : crypto_accelerator_4000bluecoat : cacheos_ca_sabluecoat : cacheos_ca_sacisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_softwarecisco : pix_firewall_software

Remediation Guidance

Executive Summary

View on NIST NVD